[libvirt] Fine grained Access Control in libVirt
Richard W.M. Jones
rjones at redhat.com
Thu Jan 15 13:42:41 UTC 2009
On Thu, Jan 15, 2009 at 02:39:20PM +0100, Konrad Eriksson1 wrote:
> When looking at the libvirt core and driver framework it seems promising
> to inject these kind of call-out hooks either in libvirt.c or between
> libvirt.c and the underlying drivers, by doing this AC will be enforced
> independent of if a local or remote call is done to libVirt.
In libvirt.c is probably easier ... And abstract out the read-only
checks at the same time.
> Feel free to comment and to come with improvement ideas.
All sounds good. There's a wiki page waiting to be filled in with
the details here:
http://wiki.libvirt.org/page/TodoFineGrainedSecurity
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
More information about the libvir-list
mailing list